Note: If you’ve read this before, you might want to rescan it. I’ve revamped how I laid out the data you need to gather as I felt this integrated better with the rest of the posts in the series

Having spent the past five years as chief architect on DellEMC’s Enterprise Hybrid Cloud and having worked very closely with the VMware Validated Designs (VVD) team when they were first getting started, you could say that VVD has a special place in my heart. For that reason, I thought it would be an interesting exercise to carry out a VVD build on VxRail.

If you’ve read my post on documentation styles here then you’ll know the type of documentation I like to use personally, so when I do a build as lengthy as as VVD 4.3 on VxRail, I like to create my own Breadcrumb documentation for my own future reference. This series of posts is going to capture that, and hopefully you guys will find use in it too.

Disclaimer: this is not intended to replace the existing documentation, which is very comprehensive. Nor will this be updated regularly if issues are found with settings from the original release. Think of it as a cheat sheet for repeat builds

Preparation

Before you do anything, get your ducks in a row. Fail to prepare, prepare to fail and all that. Here the are the key areas I mapped out before starting

Licenses

Have licenses together for the following items

vSphere 6.5

VSAN

NSX

Certificates

Certs. So important, so complex (sometimes). Thanks to the clever people I’ve worked with (special shout out to a good friend Brian O’Connell over at LifeOfBrianOC and the similarly clever people he’s recently joined forces with within the hallowed halls of VMware) certs need not be so scary. So pluck up the courage and use the CertGenVVD tool and get all your self-signed certs ready to rock before you start. Make sure you have all your FQDNs and let the cert tool take care of the hard work.

Common Parameters

Supporting Infrastructure

Parameter Key

Notes

Example

[ntp-ip]

Time Sync

192.168.76.32

[ad-domain]

Domain For Region A

regiona.domain.local

[dns-server]

Name Resolution

192.168.5.9

Active Directory Security Objects

Parameter Key

Notes

Example

[sddc-admins]

Used to admin the SDDC

SDDC Admins

[vcenter-admins-group]

Used to admin the vCenter

vCenter Admins

[ad-psc-bind-username]

Account used to connect SSO to Active Directory

ad-psc-bind

[ad-psc-bind-password]

VMw@r3!!

[svc-nsxmanager-username]

Account to connect NSX to vCenter

[svc-nsxmanager-password]

VMw@r3!!

[nsx-admin]

NSX Enterprise Admin

[nsx-admin-password]

VMw@r3!!

SSO Credential Information

Parameter Key

Notes

Example

[mgmt-shared-password]

VMw@r3!!

[sso-admin-password]

Derived from [mgmt-shared-password]

VMw@r3!!

VLAN Information

Know the VLANs you intended to use (and have already been setup on your TORs switches) for each of the following areas across the two VxRails.

Management VLANs

Parameter Key

Notes

Example

[mgmt-vlan]

1101

[mgmt-vmotion-vlan]

1102

[mgmt-vsan-vlan]

1103

[mgmt-vmnetwork-vlan]

1101

[mgmt-uplink01-vlan]

1106

[mgmt-uplink02-vlan]

1109

[mgmt-vxlan-vlan]

1104

SEC VLANS

Parameter Key

Notes

Example

[sec-vmotion-vlan]

1102

[sec-vsan-vlan]

1103

[sec-vmnetwork-vlan]

1101

[sec-uplink01-vlan]

1108

[sec-uplink02-vlan]

1110

[sec-vxlan-vlan]

1107

In my case I put the vCenters and hosts for both VxRails on the same VLAN -hence there being no explicit [sec-management-vlan]. You are free to keep them separate as you see fit. Just make sure that the relevant subnets are routable.

vMotion and vSAN while numerically the same were actually isolated and non-routable. Uplinks were independent and routable naturally. I piggy-backed my VM network on the 1101 with management as it was only a test build – do with those what you will.

Physical ESXi Node Information

You’ll need the know the DRAC IPs for all the ESXi nodes if you are going to do a factory reset as part of the process